我正在使用 Kong 来公开 Konga - 这是 Kong 管理界面的 UI。
我正在使用带有以下 dockerfile 的 docker stack 运行它:
version: "3.1"
secrets:
webservices_hostname:
external: true
webservices_cert:
external: true
webservices_key:
external: true
services:
#Create a new empty database for kong to use
# postgress used instead of cassendra as I haven't been able to find a healthcheck command for cassendra
kong-database:
image: postgres:9.4
deploy:
restart_policy:
condition: any
environment:
- POSTGRES_USER=kong
- POSTGRES_DB=kong
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
interval: 10s
timeout: 5s
retries: 5
#Setup kong database
kong-migration:
image: kong
deploy:
restart_policy:
condition: on-failure
environment:
- KONG_DATABASE=postgres
- KONG_PG_HOST=kong-database
command: kong migrations up
deploy:
restart_policy:
condition: on-failure
#Start the kong server
kong:
image: kong
deploy:
restart_policy:
condition: any
secrets:
- webservices_cert
- webservices_key
environment:
- KONG_DATABASE=postgres
- KONG_PG_HOST=kong-database
- KONG_PG_DATABASE=kong
- KONG_SSL_CERT=/run/secrets/webservices_cert
- KONG_SSL_CERT_KEY=/run/secrets/webservices_key
ports:
- 80:8000
- 443:8443
healthcheck:
test: ["CMD-SHELL", "curl -I -s -L http://127.0.0.1:8000 || exit 1"]
interval: 5s
retries: 10
restart: on-failure
#The next section starts a UI for kong called konga.
#We only need a ui for development experimentation and can be removed if no UI is required
# when it is running it can be accessed on port 1337
konga:
image: pantsel/konga
deploy:
restart_policy:
condition: on-failure
ports:
- 1337:1337
#Configure kong to forward requests to flaskapp
kong-addapis-konga:
image: byrnedo/alpine-curl
deploy:
restart_policy:
condition: on-failure
command: "-i -X POST \
--url http://kong:8001/apis/ \
--data 'name=flaskapp' \
--data 'uris=/flaskapp' \
--data 'upstream_url=http://flaskapp:80'
--data 'https_only=false'
"
我用命令启动堆栈
docker stack deploy --compose-file ./docker-compose.yml webservices
如果我访问 host:1337 Konga 将正常工作。我可以去连接,它可以毫无问题地连接到 kong admin api ( http://kong:8001 )
但是,如果我访问https://host:443/konga或http://host:80/konga,它会毫无问题地进入 konga,但是当我尝试让 konga 连接到 kong 时,会出现错误:
“哦,快!无法连接到http://kong:8001 ”
为什么通过 Kong 访问 Konga 会导致这种行为?我认为我如何连接到 Konga 并不重要——一旦我到达那里,使用直接暴露的端口或通过 Kong 应该没有区别。
有什么见解吗?